|
Log-Analyse und Auswertung: Windows 7: Proxy angeblich auf localhost:21320Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
02.04.2014, 11:57 | #1 |
| Windows 7: Proxy angeblich auf localhost:21320 Hallo, ich nutze das Wiso Steuer Sparbuch. Wenn ich ein Update machen möchte, bekomme ich seit gestern die Fehlermeldung: Proxyserver reagiert nicht. Überprüfen Sie die Proxyeinstellungen localhost:21320 Unter Internetoptionen > Verbindungen > LAN-Einstellungen ist aber kein Proxy eingerichtet! An der Firewall habe ich - meines Wissens - auch nichts verändert. Nachdem ich bei Google nichts finde, auch nicht im Zusammenhang mit Wiso, habe ich jetzt den Verdacht, dass ich mir etwas eingefangen habe. Kann das sein? Die "Anleitung für Hilfesuchende" habe ich durchgelesen und die einzelnen Schritte durchgeführt. Hinweis: ich nutze den Rechner auch als Freiberuflerin. Defogger wurde ohne Fehler beendet. Avira findet bei einem kompletten Systemscan nichts. FRST.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by ike (ATTENTION: The logged in user is not administrator) on SIXTYFIVE on 02-04-2014 11:21:07 Running from C:\Users\ike\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (LaCie) C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] - [X] HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation) HKLM\...\Run: [picon] - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] () HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited) HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated) HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-08-20] (Lenovo) HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] () HKLM-x32\...\Run: [PWMTRV] - rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-04-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\Policies\Explorer: [DisallowCpl] 1 HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [MyPhoneExplorer] - C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe [5127896 2013-09-02] (F.J. Wechselberger) HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung) HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\MountPoints2: {6bc48649-2ce5-11e1-8cfa-806e6f6e6963} - D:\SETUP.EXE HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\MountPoints2: {ed1c6d4f-45ac-11e1-840b-005056c00008} - H:\SETUP.EXE Lsa: [Notification Packages] scecli ACGina Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk ShortcutTarget: Wuala.lnk -> C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe (LaCie) Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2883572FA868CD01 BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKCU - No Name - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No File DPF: HKLM-x32 {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://eu.secure.linde.com/,DSID=b4ac6b3a41ce43e43b63515bdec8448d,DanaInfo=mlgmuc00mail042.linde.lds.grp,ST=1+/dwa85W.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://secure.linde.com/dana-cached/sc/JuniperSetupClient.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Users\ike\AppData\Roaming\mozilla\plugins\npMeetingJoinPluginAOCUser.dll () FF SearchPlugin: C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\searchplugins\duckduckgo.xml FF SearchPlugin: C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\searchplugins\ixquick-https---deutsch.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: FRITZ!Box AddOn - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\fb_add_on@avm.de [2013-07-24] FF Extension: Bitdefender QuickScan - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2013-10-07] FF Extension: Adblock Plus Pop-up Addon - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\adblockpopups@jessehakanen.net.xpi [2012-01-03] FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\elemhidehelper@adblockplus.org.xpi [2012-10-28] FF Extension: Firebug - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\firebug@software.joehewitt.com.xpi [2012-01-03] FF Extension: Ghostery - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\firefox@ghostery.com.xpi [2013-08-03] FF Extension: It's All Text! - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\itsalltext@docwhat.gerf.org.xpi [2012-01-03] FF Extension: ShareMeNot - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\sharemenot@franziroesner.com.xpi [2012-01-22] FF Extension: SiteDelta - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\sitedelta@schierla.de.xpi [2012-01-03] FF Extension: Tree Style Tab - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\treestyletab@piro.sakura.ne.jp.xpi [2012-01-03] FF Extension: All-in-One Sidebar - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi [2012-01-03] FF Extension: SmoothWheel (mozdev.org) - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}.xpi [2012-01-03] FF Extension: Google Analytics Opt-out Browser Add-on - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2014-01-06] FF Extension: NoScript - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-07-04] FF Extension: Clip to OneNote - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{966762eb-7132-4081-ac70-20d20161ad96}.xpi [2012-01-17] FF Extension: Tab Mix Plus - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2012-01-03] FF Extension: Adblock Edge - C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2012-10-28] ==================== Services (Whitelisted) ================= S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2010-02-05] () R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 ATService; C:\Windows\system32\ATService.exe [2713920 2010-02-05] (AuthenTec, Inc.) R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-09-03] (Lenovo.) R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2010-02-05] () S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited) R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation) R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation) R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [30496 2012-12-13] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation) S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation) S3 NETw5s64; system32\DRIVERS\NETw5s64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-02 11:21 - 2014-04-02 11:21 - 00019770 _____ () C:\Users\ike\Desktop\FRST.txt 2014-04-02 11:21 - 2014-04-02 11:21 - 00000000 ____D () C:\FRST 2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log 2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable 2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe 2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe 2014-04-02 11:12 - 2014-04-02 11:12 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt 2014-04-02 10:59 - 2014-04-02 10:59 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt 2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe 2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt 2014-04-02 10:15 - 2014-04-02 10:15 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe 2014-04-02 09:45 - 2014-04-02 09:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-02 09:45 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-02 09:45 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-02 09:45 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-31 12:17 - 2014-04-02 08:53 - 00091128 _____ () C:\Users\ike\Documents\TerminierungsTool1.xlsx 2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen 2014-03-24 12:09 - 2014-03-24 12:11 - 00049234 _____ () C:\Users\ike\Documents\BaugruppenNachBedarfsimport.xlsx 2014-03-19 18:42 - 2014-03-19 18:43 - 00000000 ____D () C:\Program Files (x86)\Hagemeyer 2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat 2014-03-12 19:25 - 2014-03-12 19:56 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung 2014-03-12 08:55 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 08:55 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 08:55 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-12 08:55 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 08:55 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 08:55 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-12 08:55 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 08:55 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 08:55 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 08:55 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-12 08:55 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-12 08:55 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-12 08:55 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 08:55 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-12 08:55 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 08:55 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 08:55 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 08:55 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 08:55 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 08:55 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-12 08:55 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 08:55 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 08:55 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 08:55 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 08:55 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 08:55 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-12 08:55 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-12 08:55 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-12 08:55 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 08:55 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 08:55 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 08:55 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 08:55 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 08:55 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-12 08:55 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 08:55 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 08:55 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 08:55 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 08:55 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-12 08:55 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-12 08:55 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 08:55 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 08:55 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 08:55 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-12 08:54 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 08:54 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 08:54 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 08:54 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-06 12:07 - 2014-03-28 10:15 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp 2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype 2014-03-03 15:00 - 2014-04-02 11:02 - 00000000 ____D () C:\AdwCleaner 2014-03-03 14:19 - 2014-03-03 14:19 - 01064488 _____ (BillP Studios) C:\Users\ikeAdmin\Downloads\wpsetup.exe 2014-03-03 14:02 - 2014-03-03 14:02 - 00000085 _____ () C:\Windows\wininit.ini 2014-03-03 12:07 - 2014-03-03 12:07 - 00000000 ____D () C:\Windows\ERUNT 2014-03-03 12:01 - 2014-04-02 10:22 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe 2014-03-03 10:39 - 2014-03-03 10:40 - 00074953 _____ () C:\Users\ike\Downloads\Addition.txt 2014-03-03 10:38 - 2014-03-03 10:40 - 00047705 _____ () C:\Users\ike\Downloads\FRST.txt 2014-03-03 10:38 - 2014-03-03 10:38 - 02156544 _____ (Farbar) C:\Users\ike\Downloads\FRST64.exe ==================== One Month Modified Files and Folders ======= 2014-04-02 11:21 - 2014-04-02 11:21 - 00019770 _____ () C:\Users\ike\Desktop\FRST.txt 2014-04-02 11:21 - 2014-04-02 11:21 - 00000000 ____D () C:\FRST 2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log 2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable 2014-04-02 11:20 - 2011-12-22 23:48 - 00000000 ____D () C:\Users\ikeAdmin 2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe 2014-04-02 11:18 - 2013-02-25 15:52 - 00735986 _____ () C:\Windows\system32\perfh015.dat 2014-04-02 11:18 - 2013-02-25 15:52 - 00157504 _____ () C:\Windows\system32\perfc015.dat 2014-04-02 11:18 - 2011-12-22 23:47 - 02038210 _____ () C:\Windows\WindowsUpdate.log 2014-04-02 11:18 - 2011-06-02 08:18 - 00741084 _____ () C:\Windows\system32\perfh00A.dat 2014-04-02 11:18 - 2011-06-02 08:18 - 00160106 _____ () C:\Windows\system32\perfc00A.dat 2014-04-02 11:18 - 2011-06-02 08:14 - 00724646 _____ () C:\Windows\system32\prfh0816.dat 2014-04-02 11:18 - 2011-06-02 08:14 - 00154538 _____ () C:\Windows\system32\prfc0816.dat 2014-04-02 11:18 - 2011-06-02 08:09 - 00709508 _____ () C:\Windows\system32\prfh0416.dat 2014-04-02 11:18 - 2011-06-02 08:09 - 00149288 _____ () C:\Windows\system32\prfc0416.dat 2014-04-02 11:18 - 2011-06-02 08:05 - 00735674 _____ () C:\Windows\system32\perfh010.dat 2014-04-02 11:18 - 2011-06-02 08:05 - 00148478 _____ () C:\Windows\system32\perfc010.dat 2014-04-02 11:18 - 2011-06-02 08:01 - 00705108 _____ () C:\Windows\system32\perfh007.dat 2014-04-02 11:18 - 2011-06-02 08:01 - 00151476 _____ () C:\Windows\system32\perfc007.dat 2014-04-02 11:18 - 2011-06-02 07:57 - 00741344 _____ () C:\Windows\system32\perfh00C.dat 2014-04-02 11:18 - 2011-06-02 07:57 - 00151212 _____ () C:\Windows\system32\perfc00C.dat 2014-04-02 11:18 - 2011-06-02 07:53 - 00739126 _____ () C:\Windows\system32\perfh013.dat 2014-04-02 11:18 - 2011-06-02 07:53 - 00154734 _____ () C:\Windows\system32\perfc013.dat 2014-04-02 11:18 - 2009-07-14 07:13 - 07821810 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe 2014-04-02 11:16 - 2012-01-12 13:40 - 00000000 ____D () C:\Users\ike\AppData\Roaming\Skype 2014-04-02 11:15 - 2012-01-09 12:30 - 00000000 ____D () C:\Users\ike\AppData\Local\TSVNCache 2014-04-02 11:14 - 2013-12-17 08:55 - 00006384 _____ () C:\Windows\setupact.log 2014-04-02 11:14 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-02 11:13 - 2012-01-09 16:37 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\TSVNCache 2014-04-02 11:12 - 2014-04-02 11:12 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt 2014-04-02 11:05 - 2012-07-06 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-02 11:02 - 2014-03-03 15:00 - 00000000 ____D () C:\AdwCleaner 2014-04-02 11:01 - 2011-12-23 00:14 - 00123872 _____ () C:\Users\ikeAdmin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-02 10:59 - 2014-04-02 10:59 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt 2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe 2014-04-02 10:56 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-02 10:56 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-02 10:49 - 2011-12-29 14:36 - 00123872 _____ () C:\Users\ike\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-02 10:48 - 2013-07-31 22:01 - 00102230 _____ () C:\Windows\PFRO.log 2014-04-02 10:48 - 2009-07-14 06:45 - 00508664 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-02 10:41 - 2013-01-17 09:17 - 00000000 ____D () C:\Users\ike\AppData\Local\Deployment 2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt 2014-04-02 10:22 - 2014-03-03 12:01 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe 2014-04-02 10:15 - 2014-04-02 10:15 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe 2014-04-02 09:50 - 2014-04-02 09:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-02 09:45 - 2012-03-20 10:48 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-02 08:53 - 2014-03-31 12:17 - 00091128 _____ () C:\Users\ike\Documents\TerminierungsTool1.xlsx 2014-04-02 07:29 - 2012-01-12 16:57 - 00000000 ____D () C:\Users\ike\.VirtualBox 2014-04-01 22:18 - 2013-03-24 17:00 - 00000000 ____D () C:\Users\ike\AppData\Roaming\TV-Browser 2014-04-01 11:03 - 2014-02-13 08:43 - 00007218 _____ () C:\Users\ike\Documents\SnagitLog.dat 2014-03-31 15:41 - 2012-01-25 20:17 - 00000072 _____ () C:\Users\Public\LMDebug.log 2014-03-28 13:48 - 2012-11-23 14:57 - 00000039 _____ () C:\Windows\vbaddin.ini 2014-03-28 13:48 - 2011-12-23 01:00 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-28 10:15 - 2014-03-06 12:07 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp 2014-03-28 10:10 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-03-27 17:52 - 2012-01-18 17:02 - 00000600 _____ () C:\Users\ike\AppData\Roaming\winscp.rnd 2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen 2014-03-24 15:42 - 2012-05-02 13:42 - 00000000 ____D () C:\Users\ike\AppData\Local\CrashDumps 2014-03-24 12:11 - 2014-03-24 12:09 - 00049234 _____ () C:\Users\ike\Documents\BaugruppenNachBedarfsimport.xlsx 2014-03-24 08:36 - 2012-11-23 08:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-23 15:11 - 2014-02-15 19:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-20 08:50 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\ShellNew 2014-03-20 08:48 - 2009-07-14 04:34 - 00000510 _____ () C:\Windows\win.ini 2014-03-19 18:43 - 2014-03-19 18:42 - 00000000 ____D () C:\Program Files (x86)\Hagemeyer 2014-03-19 08:51 - 2013-12-20 09:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-03-18 09:03 - 2013-07-23 21:29 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-18 09:01 - 2011-12-23 00:27 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat 2014-03-12 20:25 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-12 20:00 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-12 19:56 - 2014-03-12 19:25 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung 2014-03-11 21:05 - 2012-04-10 11:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-11 21:05 - 2011-12-23 14:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-10 08:54 - 2011-12-23 00:07 - 00000000 ____D () C:\Program Files (x86)\Lenovo 2014-03-10 08:53 - 2011-12-23 22:58 - 00000000 ____D () C:\ProgramData\Lenovo 2014-03-10 08:52 - 2012-01-13 12:18 - 00123872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2014-03-10 08:52 - 2012-01-13 12:18 - 00000000 ____D () C:\Users\ike\AppData\Local\Lenovo 2014-03-07 19:47 - 2012-02-06 15:16 - 00000767 _____ () C:\Windows\wiso.ini 2014-03-05 09:26 - 2014-04-02 09:45 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-04-02 09:45 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-04-02 09:45 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype 2014-03-05 09:10 - 2012-01-12 13:40 - 00000000 ____D () C:\ProgramData\Skype 2014-03-03 20:28 - 2012-01-23 14:42 - 00000000 ____D () C:\Users\ikeAdmin\Documents\Visual Studio 2010 2014-03-03 15:06 - 2012-01-23 18:07 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Skype 2014-03-03 14:27 - 2012-05-18 10:38 - 00000136 _____ () C:\Users\ikeAdmin\Desktop\Neues Textdokument.txt 2014-03-03 14:22 - 2013-08-01 11:41 - 00000000 ____D () C:\ProgramData\InstallMate 2014-03-03 14:19 - 2014-03-03 14:19 - 01064488 _____ (BillP Studios) C:\Users\ikeAdmin\Downloads\wpsetup.exe 2014-03-03 14:14 - 2013-07-24 09:04 - 00000000 ____D () C:\Program Files (x86)\Heimdal 2014-03-03 14:08 - 2013-08-03 15:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-03-03 14:02 - 2014-03-03 14:02 - 00000085 _____ () C:\Windows\wininit.ini 2014-03-03 14:00 - 2013-09-13 11:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-03 13:59 - 2012-10-29 12:44 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-03 13:59 - 2012-10-29 12:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-03 13:59 - 2012-01-17 11:41 - 00000000 ____D () C:\Windows\Minidump 2014-03-03 12:43 - 2011-12-29 14:09 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Buhl Data Service GmbH 2014-03-03 12:07 - 2014-03-03 12:07 - 00000000 ____D () C:\Windows\ERUNT 2014-03-03 10:40 - 2014-03-03 10:39 - 00074953 _____ () C:\Users\ike\Downloads\Addition.txt 2014-03-03 10:40 - 2014-03-03 10:38 - 00047705 _____ () C:\Users\ike\Downloads\FRST.txt 2014-03-03 10:38 - 2014-03-03 10:38 - 02156544 _____ (Farbar) C:\Users\ike\Downloads\FRST64.exe Some content of TEMP: ==================== C:\Users\ike\AppData\Local\Temp\80C33D6E6AC507355C1C02C567CBC38B_HeimdalSetup.exe C:\Users\ike\AppData\Local\Temp\avgnt.exe C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.dll C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.exe C:\Users\ike\AppData\Local\Temp\proxy_util_w32.dll C:\Users\ike\AppData\Local\Temp\unrar.dll C:\Users\ikeAdmin\AppData\Local\Temp\avgnt.exe C:\Users\ikeAdmin\AppData\Local\Temp\tmp69B3.exe C:\Users\ikeAdmin\AppData\Local\Temp\unrar.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== End Of Log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by ike at 2014-04-02 11:21:39 Running from C:\Users\ike\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) 7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - ) Add-in Express for Microsoft Office and .NET, Standard (HKLM-x32\...\{CB3CB52F-6F12-42FD-A840-4C55EC2CA0B8}) (Version: 7.1.4050 - Add-in Express Ltd) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AMD APP SDK Runtime (Version: 10.0.831.4 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{35A50BE1-FDD7-4FC7-CCE5-03D2A63D4CF4}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.) AnkhSVN 2.4.11610.27 (HKLM-x32\...\{1B6B2817-89AF-4947-A768-0766D7906BCB}) (Version: 2.4.11610.27 - AnkhSVN Team) Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.71.00 - ) ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5-110424b-119200C-Lenovo - ATI Technologies, Inc.) AuthenTec TrueSuite (HKLM\...\{E6C44758-FF49-47D1-8182-65E3818ACE23}) (Version: 2.0.0.57 - AuthenTec, Inc.) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2011.0424.2249.39080 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2011.0424.2249.39080 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Dutch (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help English (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help French (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help German (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Italian (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Japanese (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Korean (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Portuguese (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Spanish (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Swedish (x32 Version: 2011.0424.2248.39080 - ATI) Hidden ccc-core-static (x32 Version: 2011.0424.2249.39080 - Ihr Firmenname) Hidden ccc-utility64 (Version: 2011.0424.2249.39080 - ATI) Hidden Common Desktop Agent (Version: 1.53.0 - OEM) Hidden Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant) Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World) Custom UI Editor for Microsoft Office (HKLM-x32\...\{C644FAAE-42FD-4FEC-B170-AB40B128B9AF}) (Version: 3.14.1592 - Microsoft Corporation) cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.7 - REINER SCT) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version: - Microsoft) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version: - Microsoft) Deutsche Post E-Porto (HKLM-x32\...\{A51F5414-4A2B-45A0-8EF2-B4D29CFBCAE7}) (Version: 2.3.0 - Deutsche Post AG) Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) Direct Printing Utility (HKLM-x32\...\Direct Printing Utility) (Version: 1.02.06:03 - Samsung Electronics Co., Ltd.) docUtilities (HKLM-x32\...\{3F4C4A23-73DA-4088-A28B-674AF855C5EE}) (Version: 1.4.12 - nutzware) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden Dotfuscator Software Services - Community Edition - DEU (HKLM-x32\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions) Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.63.1 - Lenovo Group Limited) Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{47AA145C-1698-4C76-A15B-23730399A423}) (Version: 11.1.21009.00 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation) Excel VBA Code Cleaner 5.0 (HKLM-x32\...\Excel VBA Code Cleaner 5.0) (Version: - ) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2736182) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2736182) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2890573) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2890573) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2529927) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2529927) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2548139) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2548139) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2549864) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2549864) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2635973) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2635973) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2736182) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2736182) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2890573) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2890573) (Version: 1 - Microsoft Corporation) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel PROSet Wireless (Version: - ) Hidden Intel PROSet Wireless (x32 Version: - ) Hidden Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation) Intel(R) Network Connections 17.4.95.0 (HKLM\...\PROSetDX) (Version: 17.4.95.0 - Intel) Intel(R) Network Connections 17.4.95.0 (Version: 17.4.95.0 - Intel) Hidden Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation) Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden JavaScript Tooling (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Klok 2 (HKLM-x32\...\Klok2.DD7F2188B985C2439837C76B42A187050457E61B.1) (Version: 2.5.9 - Mcgraphix, Inc.) Klok 2 (x32 Version: 2.5.9 - Mcgraphix, Inc.) Hidden Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - ) Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.27 - AuthenTec, Inc.) Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Lenovo Solution Center (HKLM\...\{D60E3A84-5DDC-49ED-B9A5-E3466996EB36}) (Version: 2.3.002.00 - Lenovo Group Limited) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - DEU (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - DEU (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0 - Microsoft Corporation) Hidden Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden Microsoft Expression Blend SDK for Silverlight 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2012 v3.0 Core (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - DEU (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden Microsoft LightSwitch für Visual Studio 2012 CoreRes - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Lync 2010 Attendee (HKLM-x32\...\{44228375-A198-489B-B90F-F88A1A78D5F5}) (Version: 4.0.7577.4415 - Microsoft Corporation) Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden Microsoft Office 2010 Code Compatibility Inspector Update 1 (HKLM-x32\...\{715D5ADB-4054-44FA-A2D8-8B7082E10A42}) (Version: 2.2.1 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Visio 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.60130.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden Microsoft Power Query for Excel (HKLM-x32\...\{1BCE483C-D8D3-451C-9FB8-3CD9F57E385B}) (Version: 1.5.3296.2082 - Microsoft Corporation) Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden Microsoft Report Viewer Add-On für Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{803910CC-3A39-45E3-A594-0D5512A60A86}) (Version: 4.0.50826.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{5ADA62BD-2FC0-4ECE-93AA-C933E69B2AB5}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (HKLM-x32\...\{BB1E119E-CF4B-4183-910E-A8C2B379F2C6}) (Version: 10.50.1752.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{919E5477-D20B-4F64-AE8B-8199469F7817}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (HKLM-x32\...\{103A5E44-DD5B-46D5-AD1E-9DF2260CA023}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{0D432429-C79C-462D-ABD8-4D82B83A954B}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation) Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Compilers - DEU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Professional - DEU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Professional - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation) Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012-Leistungserfassungstools - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012-Leistungserfassungstools (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012-Vorbereitung (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual Studio Professional 2012 - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{66efbe1c-fcf5-4623-93f6-1ae2445aff93}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation) Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation) Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 - deu (x32 Version: 1.2.40308.0 - Microsoft Corporation) Hidden Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 (x32 Version: 1.2.40308.0 - Microsoft Corporation) Hidden Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) MZ-Tools 3.0 für VBA (HKLM-x32\...\{2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1) (Version: - MZTools Software) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Oracle VM VirtualBox 4.3.6 (HKLM\...\{DC65DFD8-E175-4A85-948A-42965853B2E8}) (Version: 4.3.6 - Oracle Corporation) PDF Creator Pilot 4.3 x64 Edition (HKLM\...\{467D4F46-B75D-4E9F-B710-D933D687B9BD}) (Version: 4.3 - Two Pilots) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.0 - Tracker Software Products Ltd) PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: - Jan Fiala) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.00.70.00 - Samsung Electronics Co., Ltd.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.1.0 - Samsung Electronics) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.22.00 - Samsung Electronics Co., Ltd.) Samsung SCX-483x 5x3x Series (HKLM-x32\...\Samsung SCX-483x 5x3x Series) (Version: - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.) Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group) Scribble Papers 2.6.1 (HKLM-x32\...\Scribble Papers_is1) (Version: - Jens Hoetger) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Sicherheitsupdate für Microsoft Visual Studio 2010 Professional - DEU (KB2645410) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2645410) (Version: 1 - Microsoft Corporation) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Snagit 11 (HKLM-x32\...\{D0CC22F6-A67A-4083-A043-E0640CB7A4DF}) (Version: 11.2.1 - TechSmith Corporation) soapUI 4.5.1 4.5.1 (HKLM-x32\...\5517-2803-0637-4585) (Version: 4.5.1 - SmartBear Software) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - ) ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.9 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.10 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.11 - Lenovo) tools-linux (x32 Version: 9.2.0.812388 - VMware, Inc.) Hidden TortoiseSVN 1.7.13.24257 (64 bit) (HKLM\...\{4560A53B-3BB7-4B72-829E-5BDE5803DC11}) (Version: 1.7.24257 - TortoiseSVN) TV-Browser 3.3.1 (HKLM-x32\...\tvbrowser) (Version: 3.3.1 - TV-Browser Team) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) Visual Studio 2012 Prerequisites - DEU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden Visual Studio 2012 Update 2 (KB2707250) (HKLM-x32\...\{2fba7dd0-b8eb-4185-aea3-e6910d3f8102}) (Version: 11.0.60315 - Microsoft Corporation) Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9201.20602 - Microsoft Corporation) Hidden VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation) Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation) Windows App Certification Kit Native Components (Version: 8.59.29736 - Microsoft Corporation) Hidden Windows App Certification Kit x64 (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012 (x32 Version: 1.8.60301.1601 - Microsoft) Hidden Windows Azure Tools für LightSwitch HTML Client für Visual Studio 2012 (DEU) (x32 Version: 1.8.60301.1601 - Microsoft) Hidden Windows Runtime Intellisense Content - de-de (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (01/14/2010 8.6.0.13) (HKLM\...\0481B164C8D1D26C560D6A5E717C5920D4362D60) (Version: 01/14/2010 8.6.0.13 - AuthenTec Inc.) WinSCP 5.2.7 RC (HKLM-x32\...\winscp3_is1) (Version: 5.2.7 RC - Martin Prikryl) WISO Mein Geld 2014 Professional (HKLM-x32\...\WISO Mein Geld 2014 Professional) (Version: - Buhl Data Service GmbH) WISO Mein Geld 2014 Professional (x32 Version: 16.0.1.0 - Buhl Data Service GmbH) Hidden WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{CE7A4070-BF51-4E01-97E7-4D8E8A3E90C1}) (Version: 21.01.8499 - Buhl Data Service GmbH) Word 2007 Content Control Toolkit (HKLM-x32\...\{EFCDC354-00BA-4D01-A6AF-AF3311DA9F44}) (Version: 1.3.0 - Microsoft) Wuala (HKCU\...\Wuala) (Version: 1.0.380.0 - LaCie) Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie) Zeta Resource Editor 2.2.0.27 (nur entfernen) (HKLM-x32\...\ZetaResourceEditor) (Version: 2.2.0.27 - Zeta Software GmbH) ==================== Restore Points ========================= Could not list Restore Points. Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== 2009-07-14 04:34 - 2013-01-30 11:44 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => ? Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ? ==================== Loaded Modules (whitelisted) ============= 2013-06-01 10:00 - 2013-06-01 10:00 - 00088848 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll 2012-01-09 09:25 - 2013-09-03 06:03 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2011-03-14 15:21 - 2011-03-14 15:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-04-24 23:48 - 2011-04-24 23:48 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows:nlsPreferences ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\00619851.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\00619851.sys => ""="Driver" ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AeLookupSvc => 3 MSCONFIG\Services: fdPHost => 3 MSCONFIG\Services: LENOVO.CAMMUTE => 2 MSCONFIG\Services: LENOVO.MICMUTE => 2 MSCONFIG\Services: LENOVO.TPKNRSVC => 2 MSCONFIG\Services: TeamViewer8 => 2 MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe MSCONFIG\startupreg: FingerPrintSoftware => "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s MSCONFIG\startupreg: FingerPrintSoftwareSplashScreen => "C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe" \s MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/02/2014 11:14:24 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (04/02/2014 11:13:29 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "Data Transfer Service" hat einen ungültigen aktuellen Status gemeldet: 0 Microsoft Office Sessions: ========================= Error: (04/02/2014 11:14:24 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2014-03-03 12:52:25.947 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 12:43:57.472 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 11:43:02.699 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 11:14:58.410 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 11:05:26.793 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 11:00:04.740 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 09:24:44.099 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 09:10:29.750 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 08:56:18.710 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-02 11:51:41.385 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 30% Total physical RAM: 8086.02 MB Available physical RAM: 5595.7 MB Total Pagefile: 8184.2 MB Available Pagefile: 5550.05 MB Total Virtual: 8192 MB Available Virtual: 8191.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.36 GB) (Free:33.47 GB) NTFS Drive d: (home) (Network) (Total:1829.34 GB) (Free:1393.11 GB) NTFS Drive t: (Temporäres) (Network) (Total:1829.34 GB) (Free:1393.11 GB) NTFS Drive w: (Wuala) (Network) (Total:5 GB) (Free:3.77 GB) FAT32 ==================== MBR & Partition Table ================== ==================== End Of Log ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2014-04-02 11:37:10 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.CXM0 238,47GB Running: Gmer-19357.exe; Driver: C:\Users\ikeAdmin\AppData\Local\Temp\fxlirpow.sys ---- User code sections - GMER 2.1 ---- .text C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[2100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe[2100] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 .text C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe[2156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe[2156] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[2992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe[2992] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2500] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe[2500] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[3076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe[3076] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 .text C:\Program Files (x86)\Skype\Phone\Skype.exe[4748] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Program Files (x86)\Skype\Phone\Skype.exe[4748] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 .text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4700] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 0000000077b9000c 1 byte [C3] .text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[4700] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 0000000077c1f8ea 5 bytes JMP 0000000177bcd5c1 .text C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe[5512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe[5512] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 .text C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[6096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe[6096] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 .text C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE[5764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE[5764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 .text C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe[4476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000076231465 2 bytes [23, 76] .text C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe[4476] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000762314bb 2 bytes [23, 76] .text ... * 2 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\00234df53ff6 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\00234df53ff6 (not active ControlSet) ---- EOF - GMER 2.1 ---- Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 02.04.2014 Suchlauf-Zeit: 12:08:14 Logdatei: mbam.txt Administrator: Nein Version: 2.00.0.1000 Malware Datenbank: v2014.04.02.03 Rootkit Datenbank: v2014.03.27.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ike Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 280527 Verstrichene Zeit: 8 Min, 52 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) |
02.04.2014, 13:26 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Proxy angeblich auf localhost:21320Zitat:
Zudem hab ich den Eindruck, dass du da an einem Büro-Computer sitzt? Wenn nicht, dann erklär bitte kurz warum ein Ultimate Windows, SQL-Server, Crytal Reports, Visual Studio et. pp.
__________________ |
02.04.2014, 13:49 | #3 |
| Windows 7: Proxy angeblich auf localhost:21320 Vielen Dank erstmal für die Rückmeldung!
__________________Ich bin freiberuflich als VBA-Entwicklerin tätig - daher die Programme. Ich hatte eure Richtlinien (http://www.trojaner-board.de/108422-...-anfragen.html) so verstanden, dass ihr Einzelkämpfer trotzdem unterstützt. Wenn nicht, dann sag Bescheid. Sorry wg. der Log-files. Aber unter http://www.trojaner-board.de/69886-a...-beachten.html fehlt dann der Hinweis, dass man FRST als Admin starten soll. FRST.log FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by ikeAdmin (administrator) on SIXTYFIVE on 02-04-2014 14:32:40 Running from C:\Users\ike\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= () C:\Windows\system32\DTS.exe (Lenovo.) C:\Windows\system32\ibmpmsvc.exe (AuthenTec, Inc.) C:\Windows\system32\ATService.exe (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\shtctky.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (LaCie) C:\Users\ike\AppData\Roaming\Wuala\Wuala.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\splwow64.exe () C:\windows\system32\spool\drivers\x64\3\ssn2mpi.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] - [X] HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation) HKLM\...\Run: [picon] - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] () HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited) HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated) HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-08-20] (Lenovo) HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] () HKLM-x32\...\Run: [PWMTRV] - rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-04-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\RunOnce: [*WerKernelReporting] - %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq [415232 2009-07-14] (Microsoft Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\Policies\Explorer: [DisallowCpl] 1 HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {3071cdf2-3215-11e1-b819-001c259f26f4} - D:\Autorun\ShelExec.exe default.htm HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {6bc48649-2ce5-11e1-8cfa-806e6f6e6963} - D:\SETUP.EXE HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {ed1c6d4f-45ac-11e1-840b-005056c00008} - H:\autorun.exe HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [MyPhoneExplorer] - C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe [5127896 2013-09-02] (F.J. Wechselberger) HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [1106288 2013-05-23] (Samsung) HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\MountPoints2: {6bc48649-2ce5-11e1-8cfa-806e6f6e6963} - D:\SETUP.EXE HKU\S-1-5-21-2544801171-2638635311-2798251724-1001\...\MountPoints2: {ed1c6d4f-45ac-11e1-840b-005056c00008} - H:\SETUP.EXE Lsa: [Notification Packages] scecli ACGina Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk ShortcutTarget: Wuala.lnk -> C:\Users\ikeAdmin\AppData\Roaming\Wuala\Wuala.exe (No File) Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF51451D0F4C0CC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://eu.secure.linde.com/,DSID=b4ac6b3a41ce43e43b63515bdec8448d,DanaInfo=mlgmuc00mail042.linde.lds.grp,ST=1+/dwa85W.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://secure.linde.com/dana-cached/sc/JuniperSetupClient.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{3B1EB929-7EFA-4E22-80FE-A29410C5D992}: [NameServer]192.168.1.248 FireFox: ======== FF ProfilePath: C:\Users\ikeAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\phz8zmin.default-1389100139951 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml ==================== Services (Whitelisted) ================= S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2010-02-05] () R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 ATService; C:\Windows\system32\ATService.exe [2713920 2010-02-05] (AuthenTec, Inc.) R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-09-03] (Lenovo.) R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2010-02-05] () S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited) R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation) R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [30496 2012-12-13] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation) S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation) S3 NETw5s64; system32\DRIVERS\NETw5s64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-02 12:33 - 2014-04-02 12:33 - 00879028 _____ () C:\Users\ike\Documents\Terminierungstool.xlsm 2014-04-02 11:37 - 2014-04-02 11:37 - 00005909 _____ () C:\Users\ike\Desktop\gmer.log 2014-04-02 11:21 - 2014-04-02 14:32 - 00019980 _____ () C:\Users\ike\Desktop\FRST.txt 2014-04-02 11:21 - 2014-04-02 14:32 - 00000000 ____D () C:\FRST 2014-04-02 11:21 - 2014-04-02 11:21 - 00060304 _____ () C:\Users\ike\Desktop\Addition.txt 2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log 2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable 2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe 2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe 2014-04-02 11:12 - 2014-04-02 11:12 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt 2014-04-02 10:59 - 2014-04-02 12:08 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt 2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe 2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt 2014-04-02 10:15 - 2014-04-02 10:15 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe 2014-04-02 09:45 - 2014-04-02 09:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-02 09:45 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-02 09:45 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-02 09:45 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-31 12:17 - 2014-04-02 08:53 - 00091128 _____ () C:\Users\ike\Documents\xxxxx.xlsx 2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen 2014-03-24 12:09 - 2014-03-24 12:11 - 00049234 _____ () C:\Users\ike\Documents\xxxxx.xlsx 2014-03-19 18:42 - 2014-03-19 18:43 - 00000000 ____D () C:\Program Files (x86)\xxxxx 2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat 2014-03-12 19:25 - 2014-03-12 19:56 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung 2014-03-12 08:55 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 08:55 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 08:55 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-12 08:55 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 08:55 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 08:55 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-12 08:55 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 08:55 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 08:55 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 08:55 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-12 08:55 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-12 08:55 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-12 08:55 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 08:55 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-12 08:55 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 08:55 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 08:55 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 08:55 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 08:55 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 08:55 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-12 08:55 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 08:55 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 08:55 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 08:55 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 08:55 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 08:55 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-12 08:55 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-12 08:55 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-12 08:55 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 08:55 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 08:55 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 08:55 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 08:55 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 08:55 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-12 08:55 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 08:55 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 08:55 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 08:55 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 08:55 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-12 08:55 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-12 08:55 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 08:55 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 08:55 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 08:55 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-12 08:54 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 08:54 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 08:54 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 08:54 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-06 12:07 - 2014-04-02 13:17 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp 2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype 2014-03-03 15:00 - 2014-04-02 11:02 - 00000000 ____D () C:\AdwCleaner 2014-03-03 14:19 - 2014-03-03 14:19 - 01064488 _____ (BillP Studios) C:\Users\ikeAdmin\Downloads\wpsetup.exe 2014-03-03 14:02 - 2014-03-03 14:02 - 00000085 _____ () C:\Windows\wininit.ini 2014-03-03 12:07 - 2014-03-03 12:07 - 00000000 ____D () C:\Windows\ERUNT 2014-03-03 12:01 - 2014-04-02 10:22 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe 2014-03-03 10:39 - 2014-03-03 10:40 - 00074953 _____ () C:\Users\ike\Downloads\Addition.txt 2014-03-03 10:38 - 2014-03-03 10:40 - 00047705 _____ () C:\Users\ike\Downloads\FRST.txt 2014-03-03 10:38 - 2014-03-03 10:38 - 02156544 _____ (Farbar) C:\Users\ike\Downloads\FRST64.exe ==================== One Month Modified Files and Folders ======= 2014-04-02 14:32 - 2014-04-02 11:21 - 00019980 _____ () C:\Users\ike\Desktop\FRST.txt 2014-04-02 14:32 - 2014-04-02 11:21 - 00000000 ____D () C:\FRST 2014-04-02 14:28 - 2012-01-12 13:40 - 00000000 ____D () C:\Users\ike\AppData\Roaming\Skype 2014-04-02 14:13 - 2012-01-25 20:17 - 00000072 _____ () C:\Users\Public\LMDebug.log 2014-04-02 14:09 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-02 14:09 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-02 14:05 - 2012-07-06 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-02 13:17 - 2014-03-06 12:07 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp 2014-04-02 12:59 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-04-02 12:33 - 2014-04-02 12:33 - 00879028 _____ () C:\Users\ike\Documents\xxxx.xlsm 2014-04-02 12:31 - 2012-01-12 16:57 - 00000000 ____D () C:\Users\ike\.VirtualBox 2014-04-02 12:08 - 2014-04-02 10:59 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt 2014-04-02 11:46 - 2013-02-25 15:52 - 00735986 _____ () C:\Windows\system32\perfh015.dat 2014-04-02 11:46 - 2013-02-25 15:52 - 00157504 _____ () C:\Windows\system32\perfc015.dat 2014-04-02 11:46 - 2011-06-02 08:18 - 00741084 _____ () C:\Windows\system32\perfh00A.dat 2014-04-02 11:46 - 2011-06-02 08:18 - 00160106 _____ () C:\Windows\system32\perfc00A.dat 2014-04-02 11:46 - 2011-06-02 08:14 - 00724646 _____ () C:\Windows\system32\prfh0816.dat 2014-04-02 11:46 - 2011-06-02 08:14 - 00154538 _____ () C:\Windows\system32\prfc0816.dat 2014-04-02 11:46 - 2011-06-02 08:09 - 00709508 _____ () C:\Windows\system32\prfh0416.dat 2014-04-02 11:46 - 2011-06-02 08:09 - 00149288 _____ () C:\Windows\system32\prfc0416.dat 2014-04-02 11:46 - 2011-06-02 08:05 - 00735674 _____ () C:\Windows\system32\perfh010.dat 2014-04-02 11:46 - 2011-06-02 08:05 - 00148478 _____ () C:\Windows\system32\perfc010.dat 2014-04-02 11:46 - 2011-06-02 08:01 - 00705108 _____ () C:\Windows\system32\perfh007.dat 2014-04-02 11:46 - 2011-06-02 08:01 - 00151476 _____ () C:\Windows\system32\perfc007.dat 2014-04-02 11:46 - 2011-06-02 07:57 - 00741344 _____ () C:\Windows\system32\perfh00C.dat 2014-04-02 11:46 - 2011-06-02 07:57 - 00151212 _____ () C:\Windows\system32\perfc00C.dat 2014-04-02 11:46 - 2011-06-02 07:53 - 00739126 _____ () C:\Windows\system32\perfh013.dat 2014-04-02 11:46 - 2011-06-02 07:53 - 00154734 _____ () C:\Windows\system32\perfc013.dat 2014-04-02 11:46 - 2009-07-14 07:13 - 07821810 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-02 11:43 - 2011-12-22 23:47 - 02048427 _____ () C:\Windows\WindowsUpdate.log 2014-04-02 11:40 - 2012-01-09 12:30 - 00000000 ____D () C:\Users\ike\AppData\Local\TSVNCache 2014-04-02 11:39 - 2013-12-17 08:55 - 00006496 _____ () C:\Windows\setupact.log 2014-04-02 11:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-02 11:38 - 2012-01-09 16:37 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\TSVNCache 2014-04-02 11:37 - 2014-04-02 11:37 - 00005909 _____ () C:\Users\ike\Desktop\gmer.log 2014-04-02 11:28 - 2012-01-17 11:41 - 00000000 ____D () C:\Windows\Minidump 2014-04-02 11:28 - 2011-12-22 23:39 - 00320793 ____N () C:\Windows\Minidump\040214-15615-01.dmp 2014-04-02 11:21 - 2014-04-02 11:21 - 00060304 _____ () C:\Users\ike\Desktop\Addition.txt 2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log 2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable 2014-04-02 11:20 - 2011-12-22 23:48 - 00000000 ____D () C:\Users\ikeAdmin 2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe 2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe 2014-04-02 11:12 - 2014-04-02 11:12 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt 2014-04-02 11:02 - 2014-03-03 15:00 - 00000000 ____D () C:\AdwCleaner 2014-04-02 11:01 - 2011-12-23 00:14 - 00123872 _____ () C:\Users\ikeAdmin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe 2014-04-02 10:49 - 2011-12-29 14:36 - 00123872 _____ () C:\Users\ike\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-02 10:48 - 2013-07-31 22:01 - 00102230 _____ () C:\Windows\PFRO.log 2014-04-02 10:48 - 2009-07-14 06:45 - 00508664 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-02 10:41 - 2013-01-17 09:17 - 00000000 ____D () C:\Users\ike\AppData\Local\Deployment 2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt 2014-04-02 10:22 - 2014-03-03 12:01 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe 2014-04-02 10:15 - 2014-04-02 10:15 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe 2014-04-02 09:50 - 2014-04-02 09:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-02 09:45 - 2012-03-20 10:48 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-02 08:53 - 2014-03-31 12:17 - 00091128 _____ () C:\Users\ike\Documents\xxxx.xlsx 2014-04-01 22:18 - 2013-03-24 17:00 - 00000000 ____D () C:\Users\ike\AppData\Roaming\TV-Browser 2014-04-01 21:07 - 2014-01-17 18:37 - 00005134 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SIXTYFIVE-ike sixtyfive 2014-04-01 11:03 - 2014-02-13 08:43 - 00007218 _____ () C:\Users\ike\Documents\SnagitLog.dat 2014-03-28 13:48 - 2012-11-23 14:57 - 00000039 _____ () C:\Windows\vbaddin.ini 2014-03-28 13:48 - 2011-12-23 01:00 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-27 17:52 - 2012-01-18 17:02 - 00000600 _____ () C:\Users\ike\AppData\Roaming\winscp.rnd 2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen 2014-03-24 15:42 - 2012-05-02 13:42 - 00000000 ____D () C:\Users\ike\AppData\Local\CrashDumps 2014-03-24 12:11 - 2014-03-24 12:09 - 00049234 _____ () C:\Users\ike\Documents\xxxx.xlsx 2014-03-24 08:36 - 2012-11-23 08:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-23 15:11 - 2014-02-15 19:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-20 08:50 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\ShellNew 2014-03-20 08:48 - 2009-07-14 04:34 - 00000510 _____ () C:\Windows\win.ini 2014-03-19 18:43 - 2014-03-19 18:42 - 00000000 ____D () C:\Program Files (x86)\Hagemeyer 2014-03-19 08:51 - 2013-12-20 09:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-03-18 09:03 - 2013-07-23 21:29 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-18 09:01 - 2011-12-23 00:27 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat 2014-03-12 20:25 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-12 20:00 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-12 19:56 - 2014-03-12 19:25 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung 2014-03-11 21:05 - 2012-07-06 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-11 21:05 - 2012-04-10 11:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-11 21:05 - 2011-12-23 14:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-10 08:54 - 2011-12-23 00:07 - 00000000 ____D () C:\Program Files (x86)\Lenovo 2014-03-10 08:53 - 2012-11-05 14:03 - 00000000 ____D () C:\Windows\System32\Tasks\TVT 2014-03-10 08:53 - 2011-12-23 22:58 - 00000000 ____D () C:\ProgramData\Lenovo 2014-03-10 08:52 - 2012-01-13 12:18 - 00123872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2014-03-10 08:52 - 2012-01-13 12:18 - 00000000 ____D () C:\Users\ike\AppData\Local\Lenovo 2014-03-07 19:47 - 2012-02-06 15:16 - 00000767 _____ () C:\Windows\wiso.ini 2014-03-05 09:26 - 2014-04-02 09:45 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-04-02 09:45 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-04-02 09:45 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype 2014-03-05 09:10 - 2012-01-12 13:40 - 00000000 ____D () C:\ProgramData\Skype 2014-03-03 20:28 - 2012-01-23 14:42 - 00000000 ____D () C:\Users\ikeAdmin\Documents\Visual Studio 2010 2014-03-03 15:06 - 2012-01-23 18:07 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Skype 2014-03-03 14:27 - 2012-05-18 10:38 - 00000136 _____ () C:\Users\ikeAdmin\Desktop\Neues Textdokument.txt 2014-03-03 14:22 - 2013-08-01 11:41 - 00000000 ____D () C:\ProgramData\InstallMate 2014-03-03 14:19 - 2014-03-03 14:19 - 01064488 _____ (BillP Studios) C:\Users\ikeAdmin\Downloads\wpsetup.exe 2014-03-03 14:14 - 2013-07-24 09:04 - 00000000 ____D () C:\Program Files (x86)\Heimdal 2014-03-03 14:10 - 2013-08-03 15:21 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking 2014-03-03 14:08 - 2013-08-03 15:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2014-03-03 14:02 - 2014-03-03 14:02 - 00000085 _____ () C:\Windows\wininit.ini 2014-03-03 14:00 - 2013-09-13 11:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware 2014-03-03 13:59 - 2012-10-29 12:44 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-03 13:59 - 2012-10-29 12:44 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-03 13:58 - 2011-12-22 23:39 - 00322209 ____N () C:\Windows\Minidump\030314-19500-01.dmp 2014-03-03 12:52 - 2012-10-29 12:44 - 00003870 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-03-03 12:50 - 2012-10-29 12:44 - 00004122 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-03-03 12:43 - 2011-12-29 14:09 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Buhl Data Service GmbH 2014-03-03 12:07 - 2014-03-03 12:07 - 00000000 ____D () C:\Windows\ERUNT 2014-03-03 10:40 - 2014-03-03 10:39 - 00074953 _____ () C:\Users\ike\Downloads\Addition.txt 2014-03-03 10:40 - 2014-03-03 10:38 - 00047705 _____ () C:\Users\ike\Downloads\FRST.txt 2014-03-03 10:38 - 2014-03-03 10:38 - 02156544 _____ (Farbar) C:\Users\ike\Downloads\FRST64.exe Some content of TEMP: ==================== C:\Users\ike\AppData\Local\Temp\80C33D6E6AC507355C1C02C567CBC38B_HeimdalSetup.exe C:\Users\ike\AppData\Local\Temp\avgnt.exe C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.dll C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.exe C:\Users\ike\AppData\Local\Temp\proxy_util_w32.dll C:\Users\ike\AppData\Local\Temp\unrar.dll C:\Users\ikeAdmin\AppData\Local\Temp\avgnt.exe C:\Users\ikeAdmin\AppData\Local\Temp\tmp69B3.exe C:\Users\ikeAdmin\AppData\Local\Temp\unrar.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-31 17:06 ==================== End Of Log ============================ mbam - als Administrator ausgeführt! - trotzdem steht "Administrator: nein" :-/ Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 02.04.2014 Suchlauf-Zeit: 14:44:21 Logdatei: mbam.txt Administrator: Nein Version: 2.00.0.1000 Malware Datenbank: v2014.04.02.04 Rootkit Datenbank: v2014.03.27.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ike Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 280474 Verstrichene Zeit: 7 Min, 54 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) |
02.04.2014, 14:26 | #4 | ||
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Proxy angeblich auf localhost:21320Zitat:
Also das hier meine ich: Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
02.04.2014, 14:44 | #5 |
| Windows 7: Proxy angeblich auf localhost:21320 Passt - hab ich gelesen - und Dateinamen, die mit Kunden zu tun haben ausgeXt. |
02.04.2014, 15:28 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Proxy angeblich auf localhost:21320 Dann ist ja gut. Allerdings warst du bei MBAM immer noch kein Admin. Kein Problem, wir machen später eh nochmal MBAM, denk aber dann an die Adminrechte. Ist jemals ein Viren-/Malwarescanner fündig geworden? Oder hattest du noch nie Schädlingsbefall? Wenn doch bitte alle Logs mit Funden posten
__________________ --> Windows 7: Proxy angeblich auf localhost:21320 |
03.04.2014, 07:01 | #7 |
| Windows 7: Proxy angeblich auf localhost:21320 "Ausführen als Admin" hat bei mbam nicht gereicht. Hab mich jetzt mit meinem Admin-Account angemeldet - und jetzt sieht es besser aus - naja - besser ist relativ. Außerdem hab ich tatsächlich noch ein logfile von letztem Jahr gefunden - damals wurde einiges entdeckt. Hab mich damals auch bei euch durchgewühlt - und threads zu OpenCandy gefunden ... mbam - 2014-04-03 Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 03.04.2014 Suchlauf-Zeit: 07:59:48 Logdatei: mbam-log-2014-04-03 (07-58).txt Administrator: Ja Version: 2.00.0.1000 Malware Datenbank: v2014.04.03.01 Rootkit Datenbank: v2014.03.27.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ikeAdmin Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 350503 Verstrichene Zeit: 21 Min, 24 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 1 Malware.Trace, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWCPL|1, @biocpl.dll,-1, , [d32d33cdc83803fd409b93488181c838] Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) mbam - 2013-09-13 Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.09.13.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 ikeAdmin :: SIXTYFIVE [Administrator] 13.09.2013 11:32:08 mbam-log-2013-09-13 (11-32-08).txt Art des Suchlaufs: Vollständiger Suchlauf (C:\|) Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM | P2P Deaktivierte Suchlaufeinstellungen: Durchsuchte Objekte: 635594 Laufzeit: 1 Stunde(n), 52 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 2 C:\Users\ikeAdmin\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 4 C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B\3707.ico (PUP.Optional.OpenCandy) -> Keine Aktion durchgeführt. C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B\OCBrowserHelper_1.0.6.128.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\ikeAdmin\AppData\Roaming\OpenCandy\B0A048DC445241E6BA091503253C181B\RAWinstaller.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) |
03.04.2014, 09:15 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Proxy angeblich auf localhost:21320 Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten |
03.04.2014, 10:05 | #9 |
| Windows 7: Proxy angeblich auf localhost:21320 adwCleaner Code:
ATTFilter # AdwCleaner v3.023 - Bericht erstellt am 03/04/2014 um 10:32:42 # Aktualisiert 01/04/2014 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits) # Benutzername : ikeAdmin - SIXTYFIVE # Gestartet von : C:\Users\ike\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\ikeAdmin\AppData\Local\CrashRpt Ordner Gelöscht : C:\Users\ike\AppData\Local\CrashRpt ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\Software\Description ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16521 -\\ Mozilla Firefox v28.0 (de) [ Datei : C:\Users\ikeAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\phz8zmin.default-1389100139951\prefs.js ] [ Datei : C:\Users\ike\AppData\Roaming\Mozilla\Firefox\Profiles\30waxibq.default\prefs.js ] Zeile gelöscht : user_pref("extensions.enabledAddons", "adblockpopups%40jessehakanen.net:0.9.1,fb_add_on%40avm.de:1.7.0,itsalltext%40docwhat.gerf.org:1.8.1,sitedelta%40schierla.de:0.13.2,%7B5F590AA2-1221-4113-A6F4-A4B[...] ************************* AdwCleaner[R1].txt - [1384 octets] - [03/03/2014 15:00:47] AdwCleaner[R2].txt - [1418 octets] - [02/04/2014 10:16:25] AdwCleaner[R3].txt - [1478 octets] - [02/04/2014 10:18:37] AdwCleaner[R4].txt - [1490 octets] - [02/04/2014 11:02:14] AdwCleaner[R5].txt - [1600 octets] - [03/04/2014 10:30:09] AdwCleaner[R6].txt - [1660 octets] - [03/04/2014 10:31:33] AdwCleaner[S1].txt - [1445 octets] - [03/03/2014 15:04:24] AdwCleaner[S2].txt - [1585 octets] - [03/04/2014 10:32:42] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1645 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.3 (03.23.2014:1) OS: Windows 7 Ultimate x64 Ran by ikeAdmin on 03.04.2014 at 10:39:22,98 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 03.04.2014 at 10:48:31,46 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by ikeAdmin (administrator) on SIXTYFIVE on 03-04-2014 10:56:02 Running from C:\Users\ikeAdmin\Desktop Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= () C:\Windows\system32\DTS.exe (Lenovo.) C:\Windows\system32\ibmpmsvc.exe (AuthenTec, Inc.) C:\Windows\system32\ATService.exe (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Microsoft Corporation) C:\Windows\system32\WLANExt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\AcSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (REINER SCT) C:\Windows\SysWOW64\cjpcsc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) C:\Windows\system32\IProsetMonitor.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\tposdsvc.exe (Lenovo Group Limited) C:\Program Files\LENOVO\HOTKEY\shtctky.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Lenovo Group Limited) C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Zoom\TpScrex.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Prog-Soft s.r.o.) C:\Program Files (x86)\PSPad editor\PSPad.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Lenovo) C:\Program Files (x86)\Lenovo\Access Connections\SvcGuiHlpr.exe (Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PrivacyIconClient.exe (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE (hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe (Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE (Samsung Electronics.) C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Intel Corporation) C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation) C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [] - [X] HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation) HKLM\...\Run: [picon] - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\PIconStartup.exe [111640 2010-02-04] () HKLM\...\Run: [LENOVO.TPKNRRES] - C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-05-29] (Lenovo Group Limited) HKLM\...\Run: [TpShocks] - C:\Windows\system32\TpShocks.exe [380776 2011-03-29] (Lenovo.) HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2963184 2013-05-29] (Synaptics Incorporated) HKLM\...\Run: [AcWin7Hlpr] - C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63784 2013-08-20] (Lenovo) HKLM\...\Run: [SmartAudio] - C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] () HKLM-x32\...\Run: [PWMTRV] - rundll32 "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL",PwrMgrBkGndMonitor HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2011-04-24] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\Policies\Explorer: [DisallowCpl] 1 HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.) HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {3071cdf2-3215-11e1-b819-001c259f26f4} - D:\Autorun\ShelExec.exe default.htm HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {6bc48649-2ce5-11e1-8cfa-806e6f6e6963} - D:\SETUP.EXE HKU\S-1-5-21-2544801171-2638635311-2798251724-1000\...\MountPoints2: {ed1c6d4f-45ac-11e1-840b-005056c00008} - H:\autorun.exe Lsa: [Notification Packages] scecli ACGina Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\ike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk ShortcutTarget: Wuala.lnk -> C:\Users\ikeAdmin\AppData\Roaming\Wuala\Wuala.exe (No File) Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\ikeAdmin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk ShortcutTarget: Samsung Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung Magician.exe (Samsung Electronics.) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) ==================== Internet (Whitelisted) ==================== ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: localhost:21320 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF51451D0F4C0CC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Virtual Storage Mount Notification - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {0F2AAAE3-7E9E-4B64-AB5D-1CA24C6ACB9C} https://eu.secure.linde.com/,DSID=b4ac6b3a41ce43e43b63515bdec8448d,DanaInfo=mlgmuc00mail042.linde.lds.grp,ST=1+/dwa85W.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://secure.linde.com/dana-cached/sc/JuniperSetupClient.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] xxx.xxx.xxx.1 Tcpip\..\Interfaces\{3B1EB929-7EFA-4E22-80FE-A29410C5D992}: [NameServer]xxx.xxx.1.248 FireFox: ======== FF ProfilePath: C:\Users\ikeAdmin\AppData\Roaming\Mozilla\Firefox\Profiles\phz8zmin.default-1389100139951 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @java.com/DTPlugin,version=10.15.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\PDF-XChange\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml ==================== Services (Whitelisted) ================= S3 ADMonitor; C:\Windows\system32\ADMonitor.exe [130048 2010-02-05] () R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 ATService; C:\Windows\system32\ATService.exe [2713920 2010-02-05] (AuthenTec, Inc.) R2 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [515632 2013-05-21] (REINER SCT) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2169016 2014-03-01] (Microsoft Corporation) S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-09-03] (Lenovo.) R2 dtsvc; C:\Windows\system32\DTS.exe [117760 2010-02-05] () S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited) R2 LMS; C:\Program Files (x86)\Intel\AMT\LMS.exe [174616 2010-02-04] (Intel Corporation) S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [1674720 2013-09-25] () R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) R2 UNS; C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe [2058776 2010-02-04] (Intel Corporation) ==================== Drivers (Whitelisted) ==================== R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation) R3 cjusb; C:\Windows\System32\DRIVERS\cjusb.sys [35192 2012-09-04] (REINER SCT) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-03-20] () S3 hitmanpro36; C:\Windows\system32\drivers\hitmanpro36.sys [30496 2012-12-13] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-03] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation) R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-05-29] (Synaptics Incorporated) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [117040 2011-12-19] (Oracle Corporation) S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation) S3 NETw5s64; system32\DRIVERS\NETw5s64.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X] S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-03 10:56 - 2014-04-03 10:56 - 00019477 _____ () C:\Users\ikeAdmin\Desktop\FRST.txt 2014-04-03 10:55 - 2014-04-03 10:55 - 02157056 _____ (Farbar) C:\Users\ikeAdmin\Desktop\FRST64.exe 2014-04-03 10:48 - 2014-04-03 10:54 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt 2014-04-03 10:38 - 2014-04-03 10:38 - 01038974 _____ (Thisisu) C:\Users\ikeAdmin\Desktop\JRT.exe 2014-04-03 10:29 - 2014-04-03 10:29 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe 2014-04-03 09:04 - 2014-04-03 09:04 - 00002413 _____ () C:\Users\Public\Desktop\SoapUI 4.6.4-m-SNAPSHOT.lnk 2014-04-03 09:04 - 2014-04-03 09:04 - 00000000 ____D () C:\Program Files\SmartBear 2014-04-03 08:13 - 2014-04-03 08:13 - 00002311 _____ () C:\Users\Public\Desktop\SoapUI 4.6.4.lnk 2014-04-03 07:36 - 2014-04-03 07:36 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\Skype 2014-04-02 12:33 - 2014-04-02 12:33 - 00879028 _____ () C:\Users\ike\Documents\Terminierungstool.xlsm 2014-04-02 11:37 - 2014-04-02 11:37 - 00005909 _____ () C:\Users\ike\Desktop\gmer.log 2014-04-02 11:21 - 2014-04-03 10:56 - 00000000 ____D () C:\FRST 2014-04-02 11:21 - 2014-04-02 14:33 - 00041613 _____ () C:\Users\ike\Desktop\FRST.txt 2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log 2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable 2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe 2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe 2014-04-02 10:59 - 2014-04-02 14:44 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt 2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe 2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt 2014-04-02 09:45 - 2014-04-03 10:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-02 09:45 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-02 09:45 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-02 09:45 - 2014-03-05 09:26 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-31 12:17 - 2014-04-02 08:53 - 00091128 _____ () C:\Users\ike\Documents\xxxx.xlsx 2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen 2014-03-24 12:09 - 2014-03-24 12:11 - 00049234 _____ () C:\Users\ike\Documents\BaugruppenNachBedarfsimport.xlsx 2014-03-19 18:42 - 2014-03-19 18:43 - 00000000 ____D () C:\Program Files (x86)\xxxx 2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat 2014-03-12 19:25 - 2014-03-12 19:56 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung 2014-03-12 08:55 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-12 08:55 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-12 08:55 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-03-12 08:55 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-03-12 08:55 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-03-12 08:55 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-03-12 08:55 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-03-12 08:55 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-03-12 08:55 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-03-12 08:55 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-03-12 08:55 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-03-12 08:55 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-03-12 08:55 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-12 08:55 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-03-12 08:55 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-03-12 08:55 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-12 08:55 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-03-12 08:55 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-03-12 08:55 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-03-12 08:55 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-03-12 08:55 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-03-12 08:55 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-03-12 08:55 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-03-12 08:55 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-03-12 08:55 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-03-12 08:55 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-03-12 08:55 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-03-12 08:55 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-03-12 08:55 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-03-12 08:55 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-03-12 08:55 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-03-12 08:55 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-03-12 08:55 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-03-12 08:55 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-03-12 08:55 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-03-12 08:55 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-03-12 08:55 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-03-12 08:55 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-03-12 08:55 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-03-12 08:55 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-03-12 08:55 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-03-12 08:55 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll 2014-03-12 08:55 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll 2014-03-12 08:55 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-03-12 08:54 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-03-12 08:54 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-03-12 08:54 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-03-12 08:54 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-03-06 12:07 - 2014-04-02 13:17 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp 2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype ==================== One Month Modified Files and Folders ======= 2014-04-03 10:56 - 2014-04-03 10:56 - 00019477 _____ () C:\Users\ikeAdmin\Desktop\FRST.txt 2014-04-03 10:56 - 2014-04-02 11:21 - 00000000 ____D () C:\FRST 2014-04-03 10:55 - 2014-04-03 10:55 - 02157056 _____ (Farbar) C:\Users\ikeAdmin\Desktop\FRST64.exe 2014-04-03 10:54 - 2014-04-03 10:48 - 00000624 _____ () C:\Users\ikeAdmin\Desktop\JRT.txt 2014-04-03 10:43 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-03 10:43 - 2009-07-14 06:45 - 00022064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-03 10:40 - 2013-02-25 15:52 - 00735986 _____ () C:\Windows\system32\perfh015.dat 2014-04-03 10:40 - 2013-02-25 15:52 - 00157504 _____ () C:\Windows\system32\perfc015.dat 2014-04-03 10:40 - 2011-06-02 08:18 - 00741084 _____ () C:\Windows\system32\perfh00A.dat 2014-04-03 10:40 - 2011-06-02 08:18 - 00160106 _____ () C:\Windows\system32\perfc00A.dat 2014-04-03 10:40 - 2011-06-02 08:14 - 00724646 _____ () C:\Windows\system32\prfh0816.dat 2014-04-03 10:40 - 2011-06-02 08:14 - 00154538 _____ () C:\Windows\system32\prfc0816.dat 2014-04-03 10:40 - 2011-06-02 08:09 - 00709508 _____ () C:\Windows\system32\prfh0416.dat 2014-04-03 10:40 - 2011-06-02 08:09 - 00149288 _____ () C:\Windows\system32\prfc0416.dat 2014-04-03 10:40 - 2011-06-02 08:05 - 00735674 _____ () C:\Windows\system32\perfh010.dat 2014-04-03 10:40 - 2011-06-02 08:05 - 00148478 _____ () C:\Windows\system32\perfc010.dat 2014-04-03 10:40 - 2011-06-02 08:01 - 00705108 _____ () C:\Windows\system32\perfh007.dat 2014-04-03 10:40 - 2011-06-02 08:01 - 00151476 _____ () C:\Windows\system32\perfc007.dat 2014-04-03 10:40 - 2011-06-02 07:57 - 00741344 _____ () C:\Windows\system32\perfh00C.dat 2014-04-03 10:40 - 2011-06-02 07:57 - 00151212 _____ () C:\Windows\system32\perfc00C.dat 2014-04-03 10:40 - 2011-06-02 07:53 - 00739126 _____ () C:\Windows\system32\perfh013.dat 2014-04-03 10:40 - 2011-06-02 07:53 - 00154734 _____ () C:\Windows\system32\perfc013.dat 2014-04-03 10:40 - 2009-07-14 07:13 - 07821810 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-03 10:38 - 2014-04-03 10:38 - 01038974 _____ (Thisisu) C:\Users\ikeAdmin\Desktop\JRT.exe 2014-04-03 10:36 - 2014-04-02 09:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-03 10:36 - 2012-01-23 18:07 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Roaming\Skype 2014-04-03 10:34 - 2013-12-17 08:55 - 00006608 _____ () C:\Windows\setupact.log 2014-04-03 10:34 - 2013-07-31 22:01 - 00102566 _____ () C:\Windows\PFRO.log 2014-04-03 10:34 - 2012-01-09 16:37 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\TSVNCache 2014-04-03 10:34 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-03 10:33 - 2012-01-09 12:30 - 00000000 ____D () C:\Users\ike\AppData\Local\TSVNCache 2014-04-03 10:33 - 2011-12-22 23:47 - 02082577 _____ () C:\Windows\WindowsUpdate.log 2014-04-03 10:32 - 2014-03-03 15:00 - 00000000 ____D () C:\AdwCleaner 2014-04-03 10:32 - 2012-01-12 13:40 - 00000000 ____D () C:\Users\ike\AppData\Roaming\Skype 2014-04-03 10:29 - 2014-04-03 10:29 - 01426178 _____ () C:\Users\ike\Desktop\adwcleaner.exe 2014-04-03 10:26 - 2012-09-25 23:01 - 00013915 _____ () C:\Users\ike\soapui-settings.xml 2014-04-03 10:26 - 2012-09-25 21:46 - 00000306 _____ () C:\Users\ike\default-soapui-workspace.xml 2014-04-03 10:05 - 2012-07-06 20:38 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-03 09:05 - 2012-09-25 21:44 - 00013735 _____ () C:\Users\ikeAdmin\soapui-settings.xml 2014-04-03 09:05 - 2012-09-25 21:43 - 00000336 _____ () C:\Users\ikeAdmin\default-soapui-workspace.xml 2014-04-03 09:04 - 2014-04-03 09:04 - 00002413 _____ () C:\Users\Public\Desktop\SoapUI 4.6.4-m-SNAPSHOT.lnk 2014-04-03 09:04 - 2014-04-03 09:04 - 00000000 ____D () C:\Program Files\SmartBear 2014-04-03 09:04 - 2011-12-22 23:48 - 00000000 ____D () C:\Users\ikeAdmin 2014-04-03 08:13 - 2014-04-03 08:13 - 00002311 _____ () C:\Users\Public\Desktop\SoapUI 4.6.4.lnk 2014-04-03 08:12 - 2012-09-25 21:40 - 00000000 ____D () C:\Program Files (x86)\SmartBear 2014-04-03 07:36 - 2014-04-03 07:36 - 00000000 ____D () C:\Users\ikeAdmin\AppData\Local\Skype 2014-04-02 14:44 - 2014-04-02 10:59 - 00001146 _____ () C:\Users\ike\Desktop\mbam.txt 2014-04-02 14:33 - 2014-04-02 11:21 - 00041613 _____ () C:\Users\ike\Desktop\FRST.txt 2014-04-02 14:13 - 2012-01-25 20:17 - 00000072 _____ () C:\Users\Public\LMDebug.log 2014-04-02 13:17 - 2014-03-06 12:07 - 00002198 ____H () C:\Users\ike\Documents\Default.rdp 2014-04-02 12:59 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-04-02 12:33 - 2014-04-02 12:33 - 00879028 _____ () C:\Users\ike\Documents\xxx.xlsm 2014-04-02 12:31 - 2012-01-12 16:57 - 00000000 ____D () C:\Users\ike\.VirtualBox 2014-04-02 11:37 - 2014-04-02 11:37 - 00005909 _____ () C:\Users\ike\Desktop\gmer.log 2014-04-02 11:28 - 2012-01-17 11:41 - 00000000 ____D () C:\Windows\Minidump 2014-04-02 11:28 - 2011-12-22 23:39 - 00320793 ____N () C:\Windows\Minidump\040214-15615-01.dmp 2014-04-02 11:20 - 2014-04-02 11:20 - 00000478 _____ () C:\Users\ike\Desktop\defogger_disable.log 2014-04-02 11:20 - 2014-04-02 11:20 - 00000000 _____ () C:\Users\ikeAdmin\defogger_reenable 2014-04-02 11:19 - 2014-04-02 11:19 - 00380416 _____ () C:\Users\ike\Desktop\Gmer-19357.exe 2014-04-02 11:17 - 2014-04-02 11:17 - 00050477 _____ () C:\Users\ike\Desktop\Defogger.exe 2014-04-02 11:01 - 2011-12-23 00:14 - 00123872 _____ () C:\Users\ikeAdmin\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-02 10:56 - 2014-04-02 10:56 - 02157056 _____ (Farbar) C:\Users\ike\Desktop\FRST64.exe 2014-04-02 10:49 - 2011-12-29 14:36 - 00123872 _____ () C:\Users\ike\AppData\Local\GDIPFONTCACHEV1.DAT 2014-04-02 10:48 - 2009-07-14 06:45 - 00508664 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-04-02 10:41 - 2013-01-17 09:17 - 00000000 ____D () C:\Users\ike\AppData\Local\Deployment 2014-04-02 10:23 - 2014-04-02 10:23 - 00001316 _____ () C:\Users\ikeAdmin\Desktop\mbam.txt 2014-04-02 10:22 - 2014-03-03 12:01 - 01038974 _____ (Thisisu) C:\Users\ike\Desktop\JRT.exe 2014-04-02 09:45 - 2014-04-02 09:45 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-02 09:45 - 2014-04-02 09:45 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-02 09:45 - 2012-03-20 10:48 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-02 08:53 - 2014-03-31 12:17 - 00091128 _____ () C:\Users\ike\Documents\xxx.xlsx 2014-04-01 22:18 - 2013-03-24 17:00 - 00000000 ____D () C:\Users\ike\AppData\Roaming\TV-Browser 2014-04-01 21:07 - 2014-01-17 18:37 - 00005134 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for SIXTYFIVE-ike sixtyfive 2014-04-01 11:03 - 2014-02-13 08:43 - 00007218 _____ () C:\Users\ike\Documents\SnagitLog.dat 2014-03-28 13:48 - 2012-11-23 14:57 - 00000039 _____ () C:\Windows\vbaddin.ini 2014-03-28 13:48 - 2011-12-23 01:00 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-03-27 17:52 - 2012-01-18 17:02 - 00000600 _____ () C:\Users\ike\AppData\Roaming\winscp.rnd 2014-03-27 17:46 - 2014-03-27 17:46 - 00000000 ____D () C:\Users\ike\Documents\Benutzerdefinierte Office-Vorlagen 2014-03-24 15:42 - 2012-05-02 13:42 - 00000000 ____D () C:\Users\ike\AppData\Local\CrashDumps 2014-03-24 12:11 - 2014-03-24 12:09 - 00049234 _____ () C:\Users\ike\Documents\xxx.xlsx 2014-03-24 08:36 - 2012-11-23 08:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-23 15:11 - 2014-02-15 19:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-20 08:50 - 2011-04-12 10:28 - 00000000 ____D () C:\Windows\ShellNew 2014-03-20 08:48 - 2009-07-14 04:34 - 00000510 _____ () C:\Windows\win.ini 2014-03-19 18:43 - 2014-03-19 18:42 - 00000000 ____D () C:\Program Files (x86)\xxx 2014-03-19 08:51 - 2013-12-20 09:31 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2014-03-18 09:03 - 2013-07-23 21:29 - 00000000 ____D () C:\Windows\system32\MRT 2014-03-18 09:01 - 2011-12-23 00:27 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-03-14 12:12 - 2014-03-14 12:12 - 00063494 ____N () C:\Users\ike\Documents\Kinder.dat 2014-03-12 20:25 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-03-12 20:00 - 2014-02-06 14:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-03-12 19:56 - 2014-03-12 19:25 - 00000000 ____D () C:\Users\ike\Documents\ElternKindVerwaltung 2014-03-11 21:05 - 2012-07-06 20:38 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-11 21:05 - 2012-04-10 11:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-11 21:05 - 2011-12-23 14:29 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-10 08:54 - 2011-12-23 00:07 - 00000000 ____D () C:\Program Files (x86)\Lenovo 2014-03-10 08:53 - 2012-11-05 14:03 - 00000000 ____D () C:\Windows\System32\Tasks\TVT 2014-03-10 08:53 - 2011-12-23 22:58 - 00000000 ____D () C:\ProgramData\Lenovo 2014-03-10 08:52 - 2012-01-13 12:18 - 00123872 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT 2014-03-10 08:52 - 2012-01-13 12:18 - 00000000 ____D () C:\Users\ike\AppData\Local\Lenovo 2014-03-07 19:47 - 2012-02-06 15:16 - 00000767 _____ () C:\Windows\wiso.ini 2014-03-05 09:26 - 2014-04-02 09:45 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-03-05 09:26 - 2014-04-02 09:45 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-03-05 09:26 - 2014-04-02 09:45 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-05 09:10 - 2014-03-05 09:10 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-03-05 09:10 - 2014-03-05 09:10 - 00000000 ____D () C:\Users\ike\AppData\Local\Skype 2014-03-05 09:10 - 2012-01-12 13:40 - 00000000 ____D () C:\ProgramData\Skype Some content of TEMP: ==================== C:\Users\ike\AppData\Local\Temp\80C33D6E6AC507355C1C02C567CBC38B_HeimdalSetup.exe C:\Users\ike\AppData\Local\Temp\avgnt.exe C:\Users\ike\AppData\Local\Temp\i4jdel0.exe C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.dll C:\Users\ike\AppData\Local\Temp\JExplorer32.2.5.4.exe C:\Users\ike\AppData\Local\Temp\JExplorer32.2.6.8.dll C:\Users\ike\AppData\Local\Temp\JExplorer32.2.6.8.exe C:\Users\ike\AppData\Local\Temp\proxy_util_w32.dll C:\Users\ike\AppData\Local\Temp\unrar.dll C:\Users\ikeAdmin\AppData\Local\Temp\avgnt.exe C:\Users\ikeAdmin\AppData\Local\Temp\JExplorer32.2.6.8.dll C:\Users\ikeAdmin\AppData\Local\Temp\JExplorer32.2.6.8.exe C:\Users\ikeAdmin\AppData\Local\Temp\proxy_vole1981562162407230777.dll C:\Users\ikeAdmin\AppData\Local\Temp\Quarantine.exe C:\Users\ikeAdmin\AppData\Local\Temp\tmp69B3.exe C:\Users\ikeAdmin\AppData\Local\Temp\unrar.dll ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-03-31 17:06 ==================== End Of Log ============================ --- --- --- |
03.04.2014, 10:30 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Proxy angeblich auf localhost:21320 Neues Addition fehlt, wenn nicht erstellt: FRST nochmal starten, Haken bei additions setzen und auf scan klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
03.04.2014, 12:19 | #11 |
| Windows 7: Proxy angeblich auf localhost:21320 Häkchen hatte gefehlt. Beim Starten wird mein Rechner jetzt super langsam - v.a. beim Verbinden mit dem LAN ... Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by ikeAdmin at 2014-04-03 12:16:22 Running from C:\Users\ikeAdmin\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Tools for .Net 3.5 - DEU Lang Pack (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) 7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - ) Add-in Express for Microsoft Office and .NET, Standard (HKLM-x32\...\{CB3CB52F-6F12-42FD-A840-4C55EC2CA0B8}) (Version: 7.1.4050 - Add-in Express Ltd) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AMD APP SDK Runtime (Version: 10.0.831.4 - Advanced Micro Devices Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{35A50BE1-FDD7-4FC7-CCE5-03D2A63D4CF4}) (Version: 3.0.855.0 - Advanced Micro Devices, Inc.) AnkhSVN 2.4.11610.27 (HKLM-x32\...\{1B6B2817-89AF-4947-A768-0766D7906BCB}) (Version: 2.4.11610.27 - AnkhSVN Team) Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.71.00 - ) ATI Uninstaller (HKLM\...\ATI Uninstaller) (Version: 8.792.5-110424b-119200C-Lenovo - ATI Technologies, Inc.) AuthenTec TrueSuite (HKLM\...\{E6C44758-FF49-47D1-8182-65E3818ACE23}) (Version: 2.0.0.57 - AuthenTec, Inc.) Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira) AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2011.0424.2249.39080 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2011.1109.2212.39826 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2011.0424.2249.39080 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Dutch (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help English (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help French (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help German (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Italian (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Japanese (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Korean (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Portuguese (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Spanish (x32 Version: 2011.0424.2248.39080 - ATI) Hidden CCC Help Swedish (x32 Version: 2011.0424.2248.39080 - ATI) Hidden ccc-core-static (x32 Version: 2011.0424.2249.39080 - Ihr Firmenname) Hidden ccc-utility64 (Version: 2011.0424.2249.39080 - ATI) Hidden Common Desktop Agent (Version: 1.53.0 - OEM) Hidden Conexant 20561 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.92.12.0 - Conexant) Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World) Custom UI Editor for Microsoft Office (HKLM-x32\...\{C644FAAE-42FD-4FEC-B170-AB40B128B9AF}) (Version: 3.14.1592 - Microsoft Corporation) cyberJack Base Components (HKLM-x32\...\{FC338210-F594-11D3-BA24-00001C3AB4DF}) (Version: 6.10.7 - REINER SCT) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version: - Microsoft) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version: - Microsoft) Deutsche Post E-Porto (HKLM-x32\...\{A51F5414-4A2B-45A0-8EF2-B4D29CFBCAE7}) (Version: 2.3.0 - Deutsche Post AG) Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo) Direct Printing Utility (HKLM-x32\...\Direct Printing Utility) (Version: 1.02.06:03 - Samsung Electronics Co., Ltd.) docUtilities (HKLM-x32\...\{3F4C4A23-73DA-4088-A28B-674AF855C5EE}) (Version: 1.4.12 - nutzware) Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden Dotfuscator Software Services - Community Edition - DEU (HKLM-x32\...\{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}) (Version: 5.0.2300.0 - PreEmptive Solutions) Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions) Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.63.1 - Lenovo Group Limited) Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{47AA145C-1698-4C76-A15B-23730399A423}) (Version: 11.1.21009.00 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation) Excel VBA Code Cleaner 5.0 (HKLM-x32\...\Excel VBA Code Cleaner 5.0) (Version: - ) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2736182) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2736182) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Team Foundation Server 2010-Objektmodell - DEU (KB2890573) (HKLM-x32\...\{A1F50E06-E514-393D-AAEB-2F989F0B7C68}.KB2890573) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2529927) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2529927) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2548139) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2548139) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2549864) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2549864) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2635973) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2635973) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2736182) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2736182) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual Studio 2010 Professional - DEU (KB2890573) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2890573) (Version: 1 - Microsoft Corporation) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) Intel PROSet Wireless (Version: - ) Hidden Intel PROSet Wireless (x32 Version: - ) Hidden Intel(R) Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation) Intel(R) Network Connections 17.4.95.0 (HKLM\...\PROSetDX) (Version: 17.4.95.0 - Intel) Intel(R) Network Connections 17.4.95.0 (Version: 17.4.95.0 - Intel) Hidden Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{25FBDA9A-E868-4B3B-B9FF-D923818511A1}) (Version: 14.2.0000 - Intel Corporation) Intel® Active-Management-Technologie (HKLM\...\MESOL) (Version: - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden JavaScript Tooling (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.1.9.20595 - Juniper Networks, Inc.) Klok 2 (HKLM-x32\...\Klok2.DD7F2188B985C2439837C76B42A187050457E61B.1) (Version: 2.5.9 - Mcgraphix, Inc.) Klok 2 (x32 Version: 2.5.9 - Mcgraphix, Inc.) Hidden Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - ) Lenovo Fingerprint Software (HKLM\...\{2ED326C9-A4E6-4884-B3F0-9A6CFB0A1141}) (Version: 3.3.2.27 - AuthenTec, Inc.) Lenovo Patch Utility (HKLM-x32\...\{AD32F5E9-6BDD-480A-8B7B-95571D04691C}) (Version: 1.3.1.1 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (Version: 1.4.0.4 - Lenovo Group Limited) Hidden Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.04.05 - ) Lenovo Solution Center (HKLM\...\{D60E3A84-5DDC-49ED-B9A5-E3466996EB36}) (Version: 2.3.002.00 - Lenovo Group Limited) Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - ) LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Access database engine 2010 (German) (HKLM-x32\...\{90140000-00D1-0407-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 2 - DEU (HKLM-x32\...\{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU (HKLM-x32\...\{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}) (Version: 2.0.50331.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation) Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update - DEU (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 3 - Visual Studio 2012 Tools Update (x32 Version: 3.0.30710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime - DEU (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools - DEU (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages - Visual Studio 2012 Tools (x32 Version: 1.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation) Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - DEU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU (x32 Version: 4.1.20219.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 Runtime - DEU (x32 Version: 2.0.20710.0 - Microsoft Corporation) Hidden Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20715.0 - Microsoft Corporation) Hidden Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden Microsoft Expression Blend SDK for Silverlight 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (Version: 1.0.30319 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (Version: 1.1.40219 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation) Microsoft Help Viewer 2.0 Language Pack - DEU (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2012 v3.0 Core (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - DEU (x32 Version: 11.0.60308 - Microsoft Corporation) Hidden Microsoft LightSwitch für Visual Studio 2012 CoreRes - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Lync 2010 Attendee (HKLM-x32\...\{44228375-A198-489B-B90F-F88A1A78D5F5}) (Version: 4.0.7577.4415 - Microsoft Corporation) Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden Microsoft Office 2010 Code Compatibility Inspector Update 1 (HKLM-x32\...\{715D5ADB-4054-44FA-A2D8-8B7082E10A42}) (Version: 2.2.1 - Microsoft Corporation) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4569.1508 - Microsoft Corporation) Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Visio 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Visio MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.60130.00 - Microsoft Corporation) Hidden Microsoft Portable Library Multi-Targeting Pack Language Pack - deu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden Microsoft Power Query for Excel (HKLM-x32\...\{1BCE483C-D8D3-451C-9FB8-3CD9F57E385B}) (Version: 1.5.3296.2082 - Microsoft Corporation) Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden Microsoft Report Viewer Add-On für Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Silverlight 3 SDK - Deutsch (HKLM-x32\...\{91F54E1D-804A-46D8-A56C-53EA9C4B3177}) (Version: 3.0.40818.0 - Microsoft Corporation) Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{803910CC-3A39-45E3-A594-0D5512A60A86}) (Version: 4.0.50826.0 - Microsoft Corporation) Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{5ADA62BD-2FC0-4ECE-93AA-C933E69B2AB5}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Transact-SQL-Sprachdienst (HKLM-x32\...\{BB1E119E-CF4B-4183-910E-A8C2B379F2C6}) (Version: 10.50.1752.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework (HKLM-x32\...\{919E5477-D20B-4F64-AE8B-8199469F7817}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Projekt (HKLM-x32\...\{103A5E44-DD5B-46D5-AD1E-9DF2260CA023}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation) Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{0D432429-C79C-462D-ABD8-4D82B83A954B}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft Sync Framework Runtime v1.0 SP1 (x64) de (HKLM\...\{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework SDK v1.0 SP1 de (HKLM-x32\...\{08DA8E46-ED67-451A-9246-50E0FF6959C9}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Framework Services v1.0 SP1 (x64) de (HKLM\...\{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}) (Version: 1.0.3010.0 - Microsoft Corporation) Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de (HKLM\...\{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}) (Version: 2.0.3010.0 - Microsoft Corporation) Microsoft Team Foundation Server 2010 Object Model - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Team Foundation Server 2010-Objektmodell - DEU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 32bit Compilers - DEU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Compilers - DEU Resources (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86-x64 Compilers (x32 Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Office Developer Tools (x64) (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Professional - DEU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - DEU) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Professional - DEU (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (x32 Version: 10.0.40219 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40303 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU (Version: 10.0.40303 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40303 - Microsoft Corporation) Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012 Tools für SQL Server Compact 4.0 SP1 DEU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012-Leistungserfassungstools - DEU (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012-Leistungserfassungstools (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio 2012-Vorbereitung (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Macro Tools - DEU Language Pack (HKLM-x32\...\Microsoft Visual Studio Macro Tools - DEU Language Pack) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Macro Tools - DEU Language Pack (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Macro Tools (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden Microsoft Visual Studio Professional 2012 - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{66efbe1c-fcf5-4623-93f6-1ae2445aff93}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU (Version: 11.0.60315 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation) Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation) Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 - deu (x32 Version: 1.2.40308.0 - Microsoft Corporation) Hidden Microsoft Web Developer Tools 2012.2 - Visual Studio 2012 (x32 Version: 1.2.40308.0 - Microsoft Corporation) Hidden Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation) Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.5 - F.J. Wechselberger) MZ-Tools 3.0 für VBA (HKLM-x32\...\{2B69AD59-FA30-47fc-B950-FA27E7D16A73}_is1) (Version: - MZTools Software) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Oracle VM VirtualBox 4.3.6 (HKLM\...\{DC65DFD8-E175-4A85-948A-42965853B2E8}) (Version: 4.3.6 - Oracle Corporation) PDF Creator Pilot 4.3 x64 Edition (HKLM\...\{467D4F46-B75D-4E9F-B710-D933D687B9BD}) (Version: 4.3 - Two Pilots) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.214.0 - Tracker Software Products Ltd) PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: - Jan Fiala) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden RICOH R5U8xx Media Driver ver.3.64.02 (HKLM-x32\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.64.02 - RICOH) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.00.70.00 - Samsung Electronics Co., Ltd.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.2.0.12014_18 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.1.0 - Samsung Electronics) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung Scan Assistant (HKLM-x32\...\Samsung Scan Assistant) (Version: 1.04.22.00 - Samsung Electronics Co., Ltd.) Samsung SCX-483x 5x3x Series (HKLM-x32\...\Samsung SCX-483x 5x3x Series) (Version: - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (x32 Version: 1.0.0.13052_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.0 - SAMSUNG Electronics Co., Ltd.) Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group) Scribble Papers 2.6.1 (HKLM-x32\...\Scribble Papers_is1) (Version: - Jens Hoetger) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Sicherheitsupdate für Microsoft Visual Studio 2010 Professional - DEU (KB2645410) (HKLM-x32\...\{CAD6AA29-9CA1-384D-8034-566261CFCC9B}.KB2645410) (Version: 1 - Microsoft Corporation) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) Snagit 11 (HKLM-x32\...\{D0CC22F6-A67A-4083-A043-E0640CB7A4DF}) (Version: 11.2.1 - TechSmith Corporation) soapUI 4.5.1 4.5.1 (HKLM-x32\...\5517-2803-0637-4585) (Version: 4.5.1 - SmartBear Software) SoapUI 4.6.4 4.6.4 (HKLM-x32\...\5517-2803-0637-4585-1) (Version: 4.6.4 - SmartBear Software) SoapUI 4.6.4-m-SNAPSHOT 4.6.4-m-SNAPSHOT (HKLM\...\5517-2803-0637-4585) (Version: 4.6.4-m-SNAPSHOT - SmartBear Software) ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.40 - ) ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems) ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.9 - ) ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.10 - Lenovo) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.11.0.0 - Lenovo) ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.78.0.11 - Lenovo) tools-linux (x32 Version: 9.2.0.812388 - VMware, Inc.) Hidden TortoiseSVN 1.7.13.24257 (64 bit) (HKLM\...\{4560A53B-3BB7-4B72-829E-5BDE5803DC11}) (Version: 1.7.24257 - TortoiseSVN) TV-Browser 3.3.1 (HKLM-x32\...\tvbrowser) (Version: 3.3.1 - TV-Browser Team) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.VISIOR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.VISIOR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.VISIOR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{81812245-FC84-426A-BC02-6659C88CC7B2}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2878227) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5D357893-40BA-4323-86BA-D97C66CD72F4}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{56ef8912-352f-4fab-9c73-6f1c92a7127f}) (Version: 11.0.51219 - Microsoft Corporation) Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version: - Microsoft) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) Visual Studio 2012 Prerequisites - DEU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden Visual Studio 2012 Update 2 (KB2707250) (HKLM-x32\...\{2fba7dd0-b8eb-4185-aea3-e6910d3f8102}) (Version: 11.0.60315 - Microsoft Corporation) Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9201.20602 - Microsoft Corporation) Hidden VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation) Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation) Windows App Certification Kit Native Components (Version: 8.59.29736 - Microsoft Corporation) Hidden Windows App Certification Kit x64 (x32 Version: 8.59.29750 - Microsoft Corporation) Hidden Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012 (x32 Version: 1.8.60301.1601 - Microsoft) Hidden Windows Azure Tools für LightSwitch HTML Client für Visual Studio 2012 (DEU) (x32 Version: 1.8.60301.1601 - Microsoft) Hidden Windows Runtime Intellisense Content - de-de (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Windows-Treiberpaket - AuthenTec Inc. (ATSwpWDF) Biometric (01/14/2010 8.6.0.13) (HKLM\...\0481B164C8D1D26C560D6A5E717C5920D4362D60) (Version: 01/14/2010 8.6.0.13 - AuthenTec Inc.) WinSCP 5.2.7 RC (HKLM-x32\...\winscp3_is1) (Version: 5.2.7 RC - Martin Prikryl) WISO Mein Geld 2014 Professional (HKLM-x32\...\WISO Mein Geld 2014 Professional) (Version: - Buhl Data Service GmbH) WISO Mein Geld 2014 Professional (x32 Version: 16.0.1.0 - Buhl Data Service GmbH) Hidden WISO Steuer-Sparbuch 2013 (HKLM-x32\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH) WISO Steuer-Sparbuch 2014 (HKLM-x32\...\{CE7A4070-BF51-4E01-97E7-4D8E8A3E90C1}) (Version: 21.01.8499 - Buhl Data Service GmbH) Word 2007 Content Control Toolkit (HKLM-x32\...\{EFCDC354-00BA-4D01-A6AF-AF3311DA9F44}) (Version: 1.3.0 - Microsoft) Wuala CBFS (HKLM-x32\...\Wuala CBFS) (Version: 3.2.107.0 - LaCie) Zeta Resource Editor 2.2.0.27 (nur entfernen) (HKLM-x32\...\ZetaResourceEditor) (Version: 2.2.0.27 - Zeta Software GmbH) ==================== Restore Points ========================= 02-04-2014 05:22:24 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2013-01-30 11:44 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {090B4AB7-DBF7-4B46-99B2-686010A9F947} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-09-25] (Lenovo) Task: {1E8237EB-F70D-41C1-A018-1ED80178AE87} - System32\Tasks\{EE115A66-81F8-4BB0-B217-04BEBE8A840A} => C:\DRIVERS\WIN\HOTKEY\SETUP.EXE [2010-11-08] (Lenovo Group Limited) Task: {41EA3997-488E-4257-831C-B82A92726DEA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2013-12-17] (Microsoft Corporation) Task: {49B2A7CF-06B0-43B9-94F0-7F2482BF2672} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-01-21] (Microsoft) Task: {58F080E7-1D42-4AC7-845D-4AA260D7C5B1} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {9DF3EE27-1095-41C3-8922-65F2BD6A370C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {B6156107-FE51-4903-A9C0-EA9461C555BA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SIXTYFIVE-ike sixtyfive => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-03-19] (Microsoft Corporation) Task: {B6BFEBDA-1B04-4868-A438-1ACC553AB89A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-29] (Google Inc.) Task: {BB72872D-D780-4956-9D71-9C77ED223EA8} - System32\Tasks\CrystalDiskInfo => C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe [2013-04-24] (Crystal Dew World) Task: {E43CAEED-AE60-42B1-8276-E1575C7500FC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-09-25] () Task: {E9A7CC64-1F72-4C8A-8108-10F8A639E044} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-09-25] (Lenovo) Task: {F61B882B-CACB-4A4D-B3FA-A97A874A7E24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated) Task: {F9C2851D-4F56-4816-A467-9BA803E7906D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-29] (Google Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-02-05 07:45 - 2010-02-05 07:45 - 00117760 _____ () C:\Windows\system32\DTS.exe 2011-07-27 21:07 - 2011-07-27 21:07 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2012-10-24 13:14 - 2012-07-17 19:44 - 00054784 _____ () C:\Windows\System32\amgnpm.dll 2012-01-27 17:57 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll 2012-01-27 17:57 - 2006-02-22 11:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll 2011-03-03 07:26 - 2011-03-03 07:26 - 00034304 _____ () C:\Windows\System32\ssn2mlm.dll 2014-03-19 08:49 - 2013-10-31 18:13 - 00102568 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2013-12-20 09:31 - 2014-01-02 19:41 - 00621736 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll 2013-06-01 10:00 - 2013-06-01 10:00 - 00088848 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll 2012-01-09 09:25 - 2013-09-03 06:03 - 00117248 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL 2011-03-14 15:21 - 2011-03-14 15:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-04-24 23:48 - 2011-04-24 23:48 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2011-06-14 15:12 - 2013-10-22 06:12 - 01242112 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\ssn2mdu.dll 2013-02-26 09:34 - 2013-02-26 09:22 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll 2013-08-20 17:02 - 2013-08-20 17:02 - 00092456 _____ () C:\Program Files (x86)\Lenovo\Access Connections\AcWrpc.dll 2011-12-29 14:15 - 2007-05-31 08:38 - 00167936 ____N () C:\Windows\SysWOW64\SerialXP.dll 2013-06-01 08:06 - 2013-06-01 08:06 - 00070416 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll 2013-05-31 14:52 - 2013-05-31 14:52 - 07097344 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\SnagItres.dll 2013-05-31 14:39 - 2013-05-31 14:39 - 00095232 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll 2013-05-31 14:38 - 2013-05-31 14:38 - 00089088 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll 2013-05-31 14:31 - 2013-05-31 14:31 - 04710400 ____R () C:\Program Files (x86)\TechSmith\Snagit 11\PDFNetC.dll 2014-04-03 11:15 - 2014-04-03 11:15 - 00165376 _____ () C:\Users\ike\AppData\Local\Wuala\Program0\lib.450\orangevolt-4n-1.1.2.dll 2014-04-03 11:15 - 2014-04-03 11:15 - 00370688 _____ () C:\Users\ike\AppData\Local\Wuala\Program0\lib.450\jcbfs3.dll 2014-04-03 11:17 - 2014-04-03 11:17 - 00949426 _____ () C:\Users\ike\AppData\Local\Wuala\Program0\lib.450\jnotify.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2014-02-15 19:56 - 2014-03-23 15:11 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-06-10 15:23 - 2013-05-17 19:02 - 00013824 _____ () C:\Program Files (x86)\Samsung SSD Magician\SAMSUNG_SSD.dll 2014-01-03 08:59 - 2014-02-10 19:04 - 00430080 _____ () C:\Windows\mod_frst.exe ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows:nlsPreferences ==================== Safe Mode (whitelisted) =================== HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\00619851.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\00619851.sys => ""="Driver" ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: AeLookupSvc => 3 MSCONFIG\Services: fdPHost => 3 MSCONFIG\Services: LENOVO.CAMMUTE => 2 MSCONFIG\Services: LENOVO.MICMUTE => 2 MSCONFIG\Services: LENOVO.TPKNRSVC => 2 MSCONFIG\Services: TeamViewer8 => 2 MSCONFIG\startupreg: AcWin7Hlpr => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: CDAServer => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe MSCONFIG\startupreg: FingerPrintSoftware => "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s MSCONFIG\startupreg: FingerPrintSoftwareSplashScreen => "C:\Program Files\Lenovo Fingerprint Software\SplashScreen.exe" \s MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup MSCONFIG\startupreg: KiesPDLR => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-03-03 12:52:25.947 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 12:43:57.472 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 11:43:02.699 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 11:14:58.410 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 11:05:26.793 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 11:00:04.740 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 09:24:44.099 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 09:10:29.750 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-03 08:56:18.710 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-03-02 11:51:41.385 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Percentage of memory in use: 37% Total physical RAM: 8086.02 MB Available physical RAM: 5051.52 MB Total Pagefile: 8184.2 MB Available Pagefile: 4720 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.36 GB) (Free:34.67 GB) NTFS Drive w: (Wuala) (Network) (Total:5 GB) (Free:3.77 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: E2A747C0) Partition: GPT Partition Type. ==================== End Of Log ============================ |
03.04.2014, 12:39 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Proxy angeblich auf localhost:21320 Ok, Kontrollscans mit MBAM und ESET bitte Downloade Dir bitte Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
03.04.2014, 16:00 | #13 |
| Windows 7: Proxy angeblich auf localhost:21320 Habe alles unter meinem Admin-Account ausgeführt. Malwarebytes --> Suchlauf --> Aktionen angewendet --> Rechner neu gestartet --> Malwarebytes startet von alleine nochmal Als ich Eset installieren wollte, kam die Proxy-Meldung :-/ Anders als in meinem "normalen" Account habe ich im Admin-Account allerdings den Proxy-Eintrag gefunden!!! (Auf die Idee bin ich vorher nicht gekommen.) Proxy-Eintrag gelöscht --> Eset konnte installiert werden. 1. mbam.txt nach dem ersten Lauf Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 03.04.2014 Suchlauf-Zeit: 14:10:56 Logdatei: Administrator: Ja Version: 2.00.0.1000 Malware Datenbank: v2014.04.03.03 Rootkit Datenbank: v2014.03.27.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ikeAdmin Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 350159 Verstrichene Zeit: 15 Min, 23 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 1 Malware.Trace, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\DISALLOWCPL|1, @biocpl.dll,-1, Löschen bei Neustart, [e21ee41c6e925fa10d48a63645bdad53] Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 03.04.2014 Suchlauf-Zeit: 14:31:19 Logdatei: Administrator: Ja Version: 2.00.0.1000 Malware Datenbank: v2014.04.03.03 Rootkit Datenbank: v2014.03.27.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ikeAdmin Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 348410 Verstrichene Zeit: 14 Min, 13 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 0 (No malicious items detected) Physische Sektoren: 0 (No malicious items detected) (end) Eset Code:
ATTFilter ESETSmartInstaller@High as downloader log: Can not open internetESETSmartInstaller@High as downloader log: Can not open internetCan not open internetESETSmartInstaller@High as downloader log: Can not open internetCan not open internetESETSmartInstaller@High as downloader log: Can not open internetCan not open internetESETSmartInstaller@High as downloader log: Can not open internetCan not open internetESETSmartInstaller@High as downloader log: Can not open internet# version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6920 # api_version=3.0.2 # EOSSerial=0baa06b6c19cb4469c59e564f72bc564 # engine=17739 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=false # unsafe_checked=false # antistealth_checked=true # utc_time=2014-04-03 02:51:36 # local_time=2014-04-03 04:51:36 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode=1799 16775165 100 95 12363 167208001 5135 0 # compatibility_mode=5893 16776573 100 94 7850 148166546 0 0 # scanned=434531 # found=0 # cleaned=0 # scan_time=7670 |
04.04.2014, 09:16 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Proxy angeblich auf localhost:21320 Sicherheitshalber nochmal die Proxeinträge löschen: Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: localhost:21320 Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
04.04.2014, 10:18 | #15 |
| Windows 7: Proxy angeblich auf localhost:21320 Hab sicherheitshalber mit meinen beiden Usern (einmal normal, einmal Admin-Rechte) das Ganze durchgeführt normaler User Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014 Ran by ike at 2014-04-04 11:07:11 Run:1 Running from C:\Users\ike\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: localhost:21320 ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found. ==== End of Fixlog ==== Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014 Ran by ikeAdmin at 2014-04-04 11:08:25 Run:2 Running from C:\Users\ike\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: localhost:21320 ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully. ==== End of Fixlog ==== Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014 Ran by ikeAdmin at 2014-04-04 11:11:23 Run:3 Running from C:\Users\ikeAdmin\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: localhost:21320 ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found. ==== End of Fixlog ==== Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014 Ran by ikeAdmin at 2014-04-04 11:12:13 Run:4 Running from C:\Users\ikeAdmin\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** ProxyEnable: Internet Explorer proxy is enabled. ProxyServer: localhost:21320 ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value not found. ==== End of Fixlog ==== |
Themen zu Windows 7: Proxy angeblich auf localhost:21320 |
antivir, antivirus, branding, browser, entfernen, error, fehlermeldung, festplatte, firefox, firefox 28.0, flash player, geld, google, google analytics, helper, home, mozilla, ntdll.dll, performance, proxy, proxyeinstellungen, pwmtr64v.dll, registry, rundll, schutz, security, software, svchost.exe, tracker, vista, windows, wiso |